Concise way to destroy user's session in Rails -
ok, there appears few approaches 'destroying' user's session , there may subtleties between them , how app handles user sessions.
first, why examples don't use session.delete(:current_user_id)
delete :current_user_id
value (and hash key!)? typical example looks below (i added deleting :return_to
since if signing out, why there need track return_to value).
def sign_out self.current_user = nil session[:current_user_id] = nil session.delete(:return_to) end
if app needs delete session variables , values, isn't safer use session = nil
or session.destroy
? destroy hash entirely. make sense keep current_user_id
in session hash if app supports... tracking of anonymous users ?!?!
thoughts?
by setting session nil you're losing information session (that may included except current_user or used rails) + putting risk of using hash method (like #[]) on nil raise exception won't expect it.
Comments
Post a Comment